Impossible Differential Cryptanalysis on Gimli/Xoodoo Ciphers

FAN Ting; WEI Yongzhuang; LI Lingchen

doi:10.11999/JEIT221038

Volume 45 Issue 10

Oct. 2023

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2023 > 45(10): 3729-3736

FAN Ting, WEI Yongzhuang, LI Lingchen. Impossible Differential Cryptanalysis on Gimli/Xoodoo Ciphers[J]. Journal of Electronics & Information Technology, 2023, 45(10): 3729-3736. doi: 10.11999/JEIT221038

Citation:

FAN Ting, WEI Yongzhuang, LI Lingchen. Impossible Differential Cryptanalysis on Gimli/Xoodoo Ciphers[J]. Journal of Electronics & Information Technology, 2023, 45(10): 3729-3736. doi: 10.11999/JEIT221038

Citation:

PDF( 4404 KB)

Impossible Differential Cryptanalysis on Gimli/Xoodoo Ciphers

doi: 10.11999/JEIT221038

Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology, Guilin 541004, China

Funds: The National Natural Science Foundation of China (61872103, 62162016), The Innovation Research Team Project of Guangxi Natural Science Foundation (2019GXNSFGA245004)

Received Date: 2022-08-08
Rev Recd Date: 2022-11-24

Available Online: 2022-12-01

Publish Date: 2023-10-31

Abstract

Abstract

Gimli and Xoodoo are large state lightweight block ciphers that have many advantages such as fewer logic gates, low power consumption and fast encryption, and have attracted much attention on the industry. Both are based on 384 bit permutation, while the large state can lead to the increase of difficulty of security analysis. In this paper, the equivalent representations of the AND, OR and S-boxes operations are introduced. And the automatic search model of the impossible differential distinguisher of Gimli and Xoodoo are constructed. Furthermore, a new technique based on "bisection method" is proposed to detect the contradiction for the impossible differential distinguisher, which is used to verify the correctness of the distinguisher. The results show that the impossible differential distinguishers of 10-round Gimli and 4-round Xoodoo are obtained and verified in this paper. Especially, the new impossible differential distinguisher of Gimli is increased by 3 rounds compared with the existing results.
- Impossible differential cryptanalysis,
- Automatic cryptanalysis,
- Gimli,
- Xoodoo

FullText(HTML)

References(18)

References

[1]	NIST. Lightweight cryptography[EB/OL]. https://csrc.nist.gov/Projects/Lightweight-Cryptography, 2018.
[2]	NIST. Lightweight cryptography[EB/OL]. https://csrc.nist.gov/projects/lightweight-cryptography/round-1-candidates, 2019.
[3]	NIST. Lightweight cryptography[EB/OL]. https://csrc.nist.gov/projects/lightweight-cryptography/round-2-candidates, 2021.
[4]	BERNSTEIN D J, KÖLBL S, LUCKS S, et al. GIMLI: A cross-platform permutation[C]. The 19th International Conference on Cryptographic Hardware and Embedded Systems, Taipei, China, 2017: 299–320.
[5]	DOBRAUNIG C, EICHLSEDER M, MENDEL F, et al. ASCON v1.2: Lightweight authenticated encryption and hashing[J]. Journal of Cryptology, 2021, 34(3): 33. doi: 10.1007/s00145-021-09398-9
[6]	BEIERLE C, BIRYUKOV A, DOS SANTOS L C, et al. Lightweight AEAD and hashing using the Sparkle permutation family[J]. IACR Transactions on Symmetric Cryptology, 2020, 2020(S1): 208–261. doi: 10.13154/tosc.v2020.iS1.208-261
[7]	BERTONI G, DAEMEN J, PEETERS M, et al. Keccak[C]. The 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, Greece, 2013: 313–314.
[8]	DAEMEN J, HOFFERT S, PEETERS M, et al. Xoodyak, a lightweight cryptographic scheme[J]. IACR Transactions on Symmetric Cryptology, 2020, 2020(S1): 60–87. doi: 10.13154/tosc.v2020.iS1.60-87
[9]	BERNSTEIN D J, KÖLBL S, LUCKS S, et al. Gimli[EB/OL]. https://csrc.nist.gov/CSRC/media/Projects/lightweightcryptography/documents/round-2/submissions-rnd2/gimli.zip, 2019.
[10]	DAEMEN J, HOFFERT S, VAN ASSCHE G, et al. The design of Xoodoo and Xoofff[J]. IACR Transactions on Symmetric Cryptology, 2018, 2018(4): 1–38. doi: 10.13154/tosc.v2018.i4.1-38
[11]	LIU Fukang, ISOBE T, and MEIER W. Automatic verification of differential characteristics: Application to reduced Gimli[C]. The 40th Annual International Cryptology Conference, Santa Barbara, USA, 2020: 219–248.
[12]	谭豪, 申兵, 苗旭东, 等. Gimli认证加密方案的不可能差分分析[J]. 西安电子科技大学学报, 2022, 49(5): 1–9. doi: 10.19665/j.issn1001-2400.2022.05.024 TAN Hao, SHEN Bing, MIAO Xudong, et al. Impossible differential cryptanalysis of the Gimli authenticated encryption scheme[J]. Journal of Xidian University, 2022, 49(5): 1–9. doi: 10.19665/j.issn1001-2400.2022.05.024
[13]	LIU Yunwen, SUN Siwei, and LI Chao. Rotational cryptanalysis from a differential-linear perspective[C]. The 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 2021: 741–770.
[14]	BELLINI E and MAKARIM R. Functional cryptanalysis: Application to reduced-round Xoodoo[EB/OL]. https://eprint.iacr.org/2022/134, 2022.
[15]	SUN Siwei, HU Lei, WANG Peng, et al. Automatic security evaluation and (related-key) differential characteristic search: Application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers[C]. The 20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, China, 2014: 158–178.
[16]	SageMath[EB/OL]. http://www.sagemath.org/index.html, 2022.
[17]	Gurobi optimizer 9.1. 2[EB/OL]. http://www.gurobi.com, 2021.
[18]	CUI Tingting, CHEN Shiyao, JIA Keting, et al. New automatic search tool for impossible differentials and zero-correlation linear approximations[EB/OL]. https://eprint.iacr.org/2016/689, 2016.